package org.brisling.authorize.shiro;

import java.security.MessageDigest;

import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
import org.brisling.sysman.domain.Users;

public class PasswordSecurity {

//	private static Logger logger = LoggerFactory.getLogger(PasswordSecurity.class);
	static PasswordSecurity passwordSecurity = null;
	private PasswordSecurity(){}
	
	private static PasswordSecurity getPasswordSecurity(){
		if(passwordSecurity==null)
			passwordSecurity = new PasswordSecurity();
		
		return passwordSecurity;
	}
	
	/**
	 * 根据明文密码获取密文密码
	 * @param plainPassword
	 * @param uid
	 * @param salt
	 * @return	Object 加密后的密文密码
	 */
	public static Object getSecurityPassword (String plainPassword,Long uid,String salt){
		Object _password =new SimpleHash(Sha256Hash.ALGORITHM_NAME,plainPassword,ByteSource.Util.bytes(uid+salt),1);
		return _password;
	}
	
	/**
	 * 根据明文密码进行加密后匹配密文密码
	 * @param usr
	 * @param plainPassword
	 * @return Boolean 密码匹配结果
	 */
	public static Boolean authenticPassword(Users usr,String plainPassword){
		String _plainPassword = plainPassword==null?null:plainPassword.trim();
		
		String _encryptPassword = usr.getPassword();
		_encryptPassword=_encryptPassword==null?null:_encryptPassword.trim();
		
		Boolean retVal = false;
		if(_plainPassword==null){
			//明文密码为空
			if(_encryptPassword==null){
				//密文密码为空
				retVal= true;
			}
			//密文密码不为空，返回默认值false
		}else{
			//明文密码不为空
			if(_encryptPassword!=null){
				getPasswordSecurity();
				//密文密码不为空
				Object _encrptPlain = PasswordSecurity.getSecurityPassword(_plainPassword,usr.getId(),usr.getPassword_salt());
				if(_encrptPlain.toString().compareTo(_encryptPassword)==0){
					retVal = true;
				}
			}
			//密文密码为空，返回默认值false
		}
		
		return retVal;
	}
	
	/**
	 * 
	 * @return 生成的password salt 值
	 */	
	public static String generateSalt(){
		
		return new SecureRandomNumberGenerator().nextBytes().toHex();
	}
	
	/**
	 * 根据用户名和密码明文生成MD5密码字符串
	 * @param uid
	 * @param pwd
	 * @return
	 */
	public static String generateMD5(String uid,String pwd,Boolean isUpcase){
		if((uid==null) || (pwd==null)){
			return null;
		}
		
		boolean _upcase = (isUpcase==null)||isUpcase?isUpcase:false;
		
		byte[] md5 = null;
		String instr = uid + pwd;
		System.out.println("plain text:" + instr);
//		logger.debug("plain text:" + instr);
		StringBuffer hexValue = new StringBuffer();
		try{
			byte[] inbyte = instr.getBytes("UTF-8");
			MessageDigest md = MessageDigest.getInstance("MD5");
			md5 = md.digest(inbyte);
			
			for(int i=0;i<md5.length;i++){
				int val = md5[i]&0xff;
				if(val<16){
					hexValue.append("0");
				}
				hexValue.append(Integer.toHexString(val));
			}
		}catch(Exception e){
			e.printStackTrace();
		}
		
		String etext = hexValue.toString();
		//大小写判断
		if(_upcase){
			etext = etext.toUpperCase();
		}
		System.out.println("encrypt text:" + etext);
//		logger.debug("encrypt text:" + etext);
		return etext;
	}
	
	/**
	 * 获取asc密码
	 * @param uid
	 * @param pwd
	 * @param isUpcase
	 * @return
	 */
	public static String generateASC(String uid,String pwd,Boolean isUpcase){
		if((uid==null) || (pwd==null)){
			return null;
		}
		
		String etext = "";
		
		pwd= pwd.trim();
		if(isUpcase){
			pwd = pwd.toUpperCase();
		}
		
		//循环偏移3位ASC码		
		char[] chars = pwd.toCharArray();
		if(chars.length>=0){
			int cnt = chars.length;
			for(int i=cnt;i>0;i--){
				etext +=(char)( ((int)chars[i-1]) +3);				
			}			
		}
		
		return etext;
	}
}
